Add a second WAN port using a LAN port for mwan3 not issuing DHCP addresses

troysio · October 13, 2020, 5:05am

I've got an RBM33G Routerboard and seem to be having trouble with a second WAN port in which I used an open LAN to configure. Everything seems to work find, except I can't get dnsmasq and VLANs to issue dynamic IP addresses which are connected to the now single LAN port.

Model	MikroTik RouterBOARD M33G
Architecture	MediaTek MT7621 ver:1 eco:3
Firmware Version	OpenWrt 19.07.4 r11208-ce6496d796 / LuCI openwrt-19.07 branch git-20.247.75781-0d0ab01
Kernel Version	4.14.195

config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fdca:b8b9:2e33::/48'

config interface 'lan'
	option ifname 'eth0.1'
	option proto 'static'
	option ipaddr '192.168.1.1'
	option netmask '255.255.255.0'
	option ip6assign '60'

config device 'lan_eth0_1_dev'
	option name 'eth0.1'
	option macaddr '74:4d:28:53:cd:16'

config device 'wan_eth0_2_dev'
	option name 'eth0.2'
	option macaddr '74:4d:28:53:cd:17'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option ports '6t 0'
	option vid '1'

config switch_vlan
	option device 'switch0'
	option vlan '2'
	option vid '2'
	option ports '6t 1'

config switch_vlan
	option device 'switch0'
	option vlan '3'
	option vid '20'
	option ports '6t 2t'

config interface 'wan'
	option ifname 'eth0.2'
	option proto 'static'
	option metric '10'
	option broadcast '67.79.97.159'
	option ipaddr '67.79.97.154'
	option gateway '67.79.97.153'
	list dns '209.18.47.61'
	list dns '209.18.47.62'
	list dns '8.8.8.8'
	list dns '8.8.4.4'
	option netmask '255.255.255.248'

config interface 'wanb'
	option ifname 'eth0.20'
	option proto 'dhcp'

config switch_vlan
	option device 'switch0'
	option vlan '4'
	option vid '4'
	option ports '6t 1t 2t 0t'

config switch_vlan
	option device 'switch0'
	option vlan '5'
	option vid '5'
	option ports '6t 1t 2t 0t'

config switch_vlan
	option device 'switch0'
	option vlan '6'
	option vid '6'
	option ports '6t 1t 2t 0t'

config switch_vlan
	option device 'switch0'
	option vlan '7'
	option vid '7'
	option ports '6t 1t 2t 0t'

config switch_vlan
	option device 'switch0'
	option vlan '8'
	option vid '8'
	option ports '6t 1t 2t 0t'

config interface 'VLAN4_UNT'
	option ifname 'eth0.4'
	option proto 'static'
	option ipaddr '192.168.2.1'
	option netmask '255.255.255.0'
	option type 'bridge'
	list dns '192.168.2.10'
	list dns '192.168.2.1'
	list dns '8.8.8.8'
	list dns '8.8.4.4'

config interface 'VLAN5_UNT'
	option proto 'static'
	option netmask '255.255.255.0'
	option ifname 'eth0.5'
	option ipaddr '10.5.10.1'
	option type 'bridge'

config interface 'VLAN6_UNT'
	option proto 'static'
	option netmask '255.255.255.0'
	option ifname 'eth0.6'
	option ipaddr '10.6.10.1'
	option type 'bridge'

config interface 'VLAN8_UNT'
	option proto 'static'
	option netmask '255.255.255.0'
	option ifname 'eth0.8'
	option ipaddr '10.8.10.1'
	option type 'bridge'

config switch_vlan
	option device 'switch0'
	option vlan '9'
	option vid '9'
	option ports '6t 1t 2t 0t'

config switch_vlan
	option device 'switch0'
	option vlan '10'
	option vid '10'
	option ports '6t 1t 2t 0t'

config interface 'VLAN7_PRT'
	option ifname 'eth0.7'
	option proto 'static'
	option ipaddr '10.7.10.1'
	option netmask '255.255.255.0'
	option broadcast '10.7.10.255'
	list dns '8.8.8.8'
	list dns '8.8.4.4'
	option type 'bridge'
	option delegate '0'

config switch_vlan
	option device 'switch0'
	option vlan '11'
	option vid '11'
	option ports '6t 1t 2t 0t'

config switch_vlan
	option device 'switch0'
	option vlan '12'
	option vid '12'
	option ports '6t 1t 2t 0t'

config switch_vlan
	option device 'switch0'
	option vlan '13'
	option vid '13'
	option ports '6t 1t 2t 0t'

config interface 'VLAN9_UNT'
	option ifname 'eth0.9'
	option proto 'static'
	option type 'bridge'
	option ipaddr '10.9.10.1'
	option netmask '255.255.255.0'
	option delegate '0'
	list dns '8.8.8.8'
	list dns '8.8.4.4'
	option broadcast '10.9.10.255'

config interface 'VLAN10_WIFI'
	option proto 'static'
	option ifname 'eth0.10'
	option type 'bridge'
	option ipaddr '172.16.88.1'
	option netmask '255.255.255.0'
	list dns '8.8.8.8'
	list dns '8.8.4.4'
	option broadcast '172.16.88.255'
	option stp '1'

config interface 'VLAN11_WIFI'
	option proto 'static'
	option ifname 'eth0.11'
	option type 'bridge'
	option ipaddr '172.16.89.1'
	option netmask '255.255.255.0'
	list dns '8.8.8.8'
	list dns '8.8.4.4'
	option broadcast '172.16.89.255'
	option stp '1'

config interface 'VLAN12_APS'
	option proto 'static'
	option ifname 'eth0.12'
	option broadcast '172.17.88.255'
	option ipaddr '172.17.88.1'
	option netmask '255.255.255.0'
	option delegate '0'
	list dns '8.8.8.8'
	list dns '8.8.4.4'

config interface 'VLAN13_MGT'
	option ifname 'eth0.13'
	option proto 'static'
	option broadcast '172.172.77.255'
	option ipaddr '172.172.77.1'
	option netmask '255.255.255.0'
	option delegate '0'
	list dns '8.8.8.8'
	list dns '8.8.4.4'

config switch_vlan
	option device 'switch0'
	option vlan '14'
	option vid '3'
	option ports '6t 1t 2t 0t'

config interface 'VLAN3_VOX'
	option proto 'static'
	option netmask '255.255.255.0'
	option type 'bridge'
	option ipaddr '10.3.10.1'
	option dns '8.8.8.8 8.8.4.4'
	option ifname 'eth0.3'
	option delegate '0'

config interface 'CYFR_VPN'
	option proto 'wireguard'
	option private_key 'XXXXXXXXXXXX'
	option force_link '1'
	option delegate '0'
	list addresses '10.19.39.2/32'

config wireguard_CYFR_VPN
	option public_key 'XXXXXXXXXXXXX'
	option description 'P2P gateway'
	option persistent_keepalive '25'
	list allowed_ips '10.19.39.0/24'
	list allowed_ips '10.11.10.0/24'
	list allowed_ips '10.100.6.0/24'
	option route_allowed_ips '1'
	option endpoint_host 'xxxxxxx'
	option endpoint_port '10308'

/etc/config/dhcp


config dnsmasq
	option logdhcp '1'
	option logqueries '0'
	option logfacility '/tmp/dnsmasq.log'
	option domainneeded '0'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan/'
	option domain 'lan'
	option expandhosts '1'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option resolvfile '/tmp/resolv.conf.auto'
	option localservice '1'
	list server '8.8.8.8'
	list server '8.8.4.4'
	option allservers '1'
	option nonegcache '0'
	option filterwin2k '0'

config dhcp 'lan'
	option interface 'lan'
	option start '100'
	option leasetime '12h'
	option limit '150'
	option force '1'
	list dhcp_option '132,VID=3'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'

config odhcpd 'odhcpd'
	option maindhcp '1'
	option leasefile '/tmp/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'
	option loglevel '4'

config dhcp 'VLAN3_VOX'
	option start '100'
	option leasetime '12h'
	option limit '150'
	option interface 'VLAN3_VOX'
	option force '1'
	list dhcp_option '132,VID=3'
	list dhcp_option '6,10.3.10.1,8.8.8.8,8.8.4.4'

config dhcp 'VLAN4_UNT'
	option start '100'
	option leasetime '12h'
	option limit '150'
	option interface 'VLAN4_UNT'
	list dhcp_option '132,VID=3'
	list dhcp_option '6,192.168.2.10,192.168.2.1,8.8.8.8,8.8.4.4'
	option force '1'

config dhcp 'VLAN5_UNT'
	option start '100'
	option leasetime '12h'
	option limit '150'
	option interface 'VLAN5_UNT'
	list dhcp_option '132,VID=3'
	list dhcp_option '6,8.8.8.8,8.8.4.4'
	option netmask '255.255.255.0'
	option force '1'

/etc/config/firewall

config defaults
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'REJECT'
	option synflood_protect '1'

config zone
	option input 'ACCEPT'
	option name 'voice'
	option output 'ACCEPT'
	option forward 'ACCEPT'
	option network 'VLAN3_VOX'
	list device 'eth0.3'

config zone
	option name 'lan'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'ACCEPT'
	option network 'lan'

config zone
	option name 'wan'
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'
	option masq '1'
	option mtu_fix '1'
	option network 'WAN WANB wan wanb'

config forwarding
	option src 'lan'
	option dest 'wan'

config rule
	option name 'Allow-DHCP-Renew'
	option proto 'udp'
	option dest_port '68'
	option target 'ACCEPT'
	option family 'ipv4'
	option dest '*'
	option src '*'

config rule
	option name 'Allow-Ping'
	option src 'wan'
	option proto 'icmp'
	option icmp_type 'echo-request'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-IGMP'
	option src 'wan'
	option proto 'igmp'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-DHCPv6'
	option src 'wan'
	option proto 'udp'
	option src_ip 'fc00::/6'
	option dest_ip 'fc00::/6'
	option dest_port '546'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-MLD'
	option src 'wan'
	option proto 'icmp'
	option src_ip 'fe80::/10'
	list icmp_type '130/0'
	list icmp_type '131/0'
	list icmp_type '132/0'
	list icmp_type '143/0'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Input'
	option src 'wan'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	list icmp_type 'router-solicitation'
	list icmp_type 'neighbour-solicitation'
	list icmp_type 'router-advertisement'
	list icmp_type 'neighbour-advertisement'
	option limit '1000/sec'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Forward'
	option src 'wan'
	option dest '*'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	option limit '1000/sec'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-IPSec-ESP'
	option src 'wan'
	option dest 'lan'
	option proto 'esp'
	option target 'ACCEPT'

config rule
	option name 'Allow-ISAKMP'
	option src 'wan'
	option dest 'lan'
	option dest_port '500'
	option proto 'udp'
	option target 'ACCEPT'

config include
	option path '/etc/firewall.user'

config zone
	option network 'VLAN4_UNT'
	option input 'ACCEPT'
	option name 'VLAN4_UNT'
	option output 'ACCEPT'
	option forward 'ACCEPT'

config zone
	option input 'ACCEPT'
	option output 'ACCEPT'
	option name 'wireguard'
	option forward 'ACCEPT'
	option network 'CYFR_VPN'

config zone
	option network 'VLAN5_UNT'
	option name 'VLAN5_UNT'
	option family 'ipv4'
	option input 'ACCEPT'
	option forward 'ACCEPT'
	list device 'eth0.5'
	option output 'ACCEPT'

config zone
	option network 'VLAN6_UNT'
	option name 'VLAN6_UNT'
	option family 'ipv4'
	option input 'ACCEPT'
	option forward 'ACCEPT'
	list device 'eth0.6'
	option output 'ACCEPT'

config zone
	option input 'ACCEPT'
	option name 'VLAN7_PRN'
	option output 'ACCEPT'
	option network 'VLAN7_PRT'
	option forward 'ACCEPT'

config zone
	option name 'VLAN8_UNT'
	option input 'ACCEPT'
	option forward 'ACCEPT'
	option network 'VLAN8_UNT'
	option output 'ACCEPT'

config forwarding
	option dest 'VLAN7_PRN'
	option src 'VLAN8_UNT'

config forwarding
	option dest 'VLAN7_PRN'
	option src 'VLAN6_UNT'

config forwarding
	option dest 'VLAN7_PRN'
	option src 'VLAN5_UNT'

config forwarding
	option dest 'VLAN7_PRN'
	option src 'VLAN4_UNT'

config zone
	option network 'VLAN9_UNT'
	option input 'ACCEPT'
	option name 'VLAN9_UNT'
	option output 'ACCEPT'
	option forward 'ACCEPT'

config zone
	option network 'VLAN10_WIFI'
	option input 'ACCEPT'
	option name 'VLAN10_WIFI'
	option output 'ACCEPT'
	option forward 'ACCEPT'

config zone
	option network 'VLAN11_WIFI'
	option input 'ACCEPT'
	option name 'VLAN11_WIFI'
	option output 'ACCEPT'
	option forward 'ACCEPT'

config zone
	option network 'VLAN12_APS'
	option input 'ACCEPT'
	option name 'VLAN12_APS'
	option output 'ACCEPT'
	option masq '1'
	option forward 'ACCEPT'

config zone
	option network 'VLAN13_MGT'
	option input 'ACCEPT'
	option name 'VLAN13_MGT'
	option output 'ACCEPT'
	option masq '1'
	option forward 'ACCEPT'

config forwarding
	option dest 'VLAN7_PRN'
	option src 'lan'

config forwarding
	option src 'lan'
	option dest 'wireguard'

config forwarding
	option dest 'lan'
	option src 'VLAN7_PRN'

config forwarding
	option dest 'lan'
	option src 'wireguard'

config forwarding
	option src 'wan'
	option dest 'wireguard'

config forwarding
	option dest 'wan'
	option src 'VLAN12_APS'

config forwarding
	option dest 'wan'
	option src 'VLAN13_MGT'

config forwarding
	option src 'voice'
	option dest 'wireguard'

config forwarding
	option dest 'wan'
	option src 'voice'

config forwarding
	option dest 'voice'
	option src 'wireguard'

config forwarding
	option src 'VLAN4_UNT'
	option dest 'wireguard'

config forwarding
	option dest 'wan'
	option src 'VLAN4_UNT'

config forwarding
	option dest 'VLAN4_UNT'
	option src 'VLAN10_WIFI'

config forwarding
	option dest 'VLAN4_UNT'
	option src 'VLAN7_PRN'

config forwarding
	option dest 'VLAN4_UNT'
	option src 'wireguard'

config forwarding
	option dest 'VLAN13_MGT'
	option src 'wireguard'

config forwarding
	option dest 'VLAN5_UNT'
	option src 'wireguard'

config forwarding
	option dest 'VLAN6_UNT'
	option src 'wireguard'

config forwarding
	option dest 'VLAN7_PRN'
	option src 'wireguard'

config forwarding
	option dest 'VLAN8_UNT'
	option src 'wireguard'

config forwarding
	option dest 'wan'
	option src 'wireguard'

config forwarding
	option dest 'VLAN10_WIFI'
	option src 'wireguard'

config forwarding
	option dest 'VLAN11_WIFI'
	option src 'wireguard'

config forwarding
	option dest 'VLAN12_APS'
	option src 'wireguard'

config forwarding
	option dest 'wireguard'
	option src 'VLAN10_WIFI'

config forwarding
	option dest 'wireguard'
	option src 'VLAN11_WIFI'

config forwarding
	option dest 'wireguard'
	option src 'VLAN12_APS'

config forwarding
	option dest 'wireguard'
	option src 'VLAN13_MGT'

config forwarding
	option dest 'wireguard'
	option src 'VLAN5_UNT'

config forwarding
	option dest 'wireguard'
	option src 'VLAN6_UNT'

config forwarding
	option dest 'wireguard'
	option src 'VLAN7_PRN'

config forwarding
	option dest 'wan'
	option src 'VLAN5_UNT'

config forwarding
	option dest 'VLAN5_UNT'
	option src 'VLAN10_WIFI'

config forwarding
	option dest 'VLAN5_UNT'
	option src 'VLAN7_PRN'

config forwarding
	option dest 'wan'
	option src 'VLAN6_UNT'

config forwarding
	option dest 'VLAN6_UNT'
	option src 'VLAN10_WIFI'

config forwarding
	option dest 'VLAN6_UNT'
	option src 'VLAN7_PRN'

config forwarding
	option dest 'VLAN10_WIFI'
	option src 'VLAN7_PRN'

config forwarding
	option dest 'VLAN11_WIFI'
	option src 'VLAN7_PRN'

config forwarding
	option dest 'VLAN8_UNT'
	option src 'VLAN7_PRN'

config forwarding
	option dest 'wan'
	option src 'VLAN7_PRN'

config forwarding
	option dest 'VLAN7_PRN'
	option src 'VLAN10_WIFI'

config forwarding
	option dest 'VLAN7_PRN'
	option src 'VLAN11_WIFI'

config forwarding
	option dest 'wan'
	option src 'VLAN8_UNT'

config forwarding
	option dest 'VLAN8_UNT'
	option src 'VLAN10_WIFI'

config forwarding
	option dest 'lan'
	option src 'VLAN10_WIFI'

config forwarding
	option dest 'wan'
	option src 'VLAN10_WIFI'

config forwarding
	option dest 'wan'
	option src 'VLAN9_UNT'

config forwarding
	option dest 'VLAN9_UNT'
	option src 'wan'

A second pair of eyes greatly appreciated.

Posting the /etc/config/network file contents I've also noticed that even though changes have been made via Luci, some configs are left behind or in place. Is this to be expected?

I'm going to backup config, and do a reload and start with just a single LAN being changed to a WAN with a single VLAN and will follow this up with attaching new configs - apologies for all the above info, I will do my best to focus the attention where it matters to follow. Thanks so much for anyone's input.

++++++++++++++++++ OK +++++++++++++++++++++
reinstalled and configured everything accept for mwan3 and all is working as expected. New network configure below. Installing mwan3 now and will follow-up if DHCP quits working again. However, note that:
option vlan '3' was placed placed in:
config switch_vlan
option device 'switch0'
option vlan '3'
option ports '6t 1'
option vid '20'
which I don't think is correct. VOX interfaces vlan is 3 and I did not set switch_vlan option vlan to 3. It may be a Luci thing, I'm going to test setting it to 20 manually in /etc/config/network.


config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fd67:a9e6:aab6::/48'

config interface 'lan'
	option type 'bridge'
	option ifname 'eth0.1'
	option proto 'static'
	option ipaddr '192.168.1.1'
	option netmask '255.255.255.0'
	option ip6assign '60'

config device 'lan_eth0_1_dev'
	option name 'eth0.1'
	option macaddr '74:4d:28:53:cd:16'

config interface 'wan'
	option ifname 'eth0.2'
	option proto 'dhcp'

config device 'wan_eth0_2_dev'
	option name 'eth0.2'
	option macaddr '74:4d:28:53:cd:17'

config interface 'wan6'
	option ifname 'eth0.2'
	option proto 'dhcpv6'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option ports '6t 0'
	option vid '1'

config switch_vlan
	option device 'switch0'
	option vlan '2'
	option vid '2'
	option ports '6t 2'

config switch_vlan
	option device 'switch0'
	option vlan '3'
	option ports '6t 1'
	option vid '20'

config interface 'WANB'
	option ifname 'eth0.20'
	option proto 'dhcp'

config switch_vlan
	option device 'switch0'
	option vlan '4'
	option vid '3'
	option ports '6t 1t 2t 0t'

config interface 'VOX'
	option ifname 'eth0.3'
	option proto 'static'
	option ipaddr '10.3.10.1'
	option netmask '255.255.255.0'

config switch_vlan
	option device 'switch0'
	option vlan '5'
	option ports '6t 1t 2t 0t'
	option vid '4'

/etc/config/dhcp


config dnsmasq
	option domainneeded '1'
	option boguspriv '1'
	option filterwin2k '0'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan/'
	option domain 'lan'
	option expandhosts '1'
	option nonegcache '0'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option resolvfile '/tmp/resolv.conf.auto'
	option nonwildcard '1'
	option localservice '1'

config dhcp 'lan'
	option interface 'lan'
	option start '100'
	option limit '150'
	option leasetime '12h'
	option dhcpv6 'server'
	option ra 'server'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'

config odhcpd 'odhcpd'
	option maindhcp '0'
	option leasefile '/tmp/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'
	option loglevel '4'

config dhcp 'VOX'
	option start '100'
	option leasetime '12h'
	option limit '150'
	option interface 'VOX'
	list dhcp_option '132,VID=3'
	list dhcp_option '6,10.3.10.1,8.8.8.8,8.8.4.4'
	option force '1'

Confirmed DHCP is working including VLAN designations:

root@OpenWrt:/etc/config# cat /tmp/dhcp.leases 
1602619179 00:15:65:e4:66:22 10.3.10.236 SIP-T27G 01:00:15:65:e4:66:22
1602619324 e8:d8:d1:4b:88:88 192.168.1.192 sentinal-hplt 01:e8:d8:d1:4b:88:88

trendy · October 13, 2020, 8:58am

Mixing tagged and untagged frames on the same interface can cause issues. I remember from a previous Mikrotik I had running with OpenWrt everything was tagged.

Other than that you have a index number called vlan and the vlan id (which is the actual vlan used) called vid.

troysio · October 13, 2020, 9:08am

Thanks for the feedback @trendy Still confused though, so is option vlan an index? Is that its purpose? If so, where does option vid stand? I''ve since made the following adjustments manually and don't see any issues thus far. I'm needing vlan 3 for phones and option 132 dns, another rabbit hole.


config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fddb:333f:8f83::/48'

config interface 'lan'
	option type 'bridge'
	option ifname 'eth0.1'
	option proto 'static'
	option ipaddr '192.168.1.1'
	option netmask '255.255.255.0'
	option ip6assign '60'

config device 'lan_eth0_1_dev'
	option name 'eth0.1'
	option macaddr '74:4d:28:53:cd:16'

config interface 'wan'
	option ifname 'eth0.2'
	option proto 'dhcp'

config device 'wan_eth0_2_dev'
	option name 'eth0.2'
	option macaddr '74:4d:28:53:cd:17'

config interface 'wan6'
	option ifname 'eth0.2'
	option proto 'dhcpv6'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option ports '6t 0'
	option vid '1'

config switch_vlan
	option device 'switch0'
	option vlan '2'
	option vid '2'
	option ports '6t 1'

config switch_vlan
	option device 'switch0'
	option vlan '20'
	option ports '6t 2'
	option vid '20'

config switch_vlan
	option device 'switch0'
	option vlan '3'
	option ports '6t 1t 2t 0t'
	option vid '3'

config interface 'WANB'
	option ifname 'eth0.20'
	option proto 'dhcp'
	option force_link '1'

config interface 'VOX'
	option ifname 'eth0.3'
	option proto 'static'
	option netmask '255.255.255.0'
	option ipaddr '10.33.10.1'
	list dns '8.8.8.8'
	list dns '8.8.4.4'

Note to self and others, don't ever rely on Luci to sysconfig update and save your config - the save config checkbox does not always work. Just had to reconfigure everything "again". Always conduct your sysconfig update on a refresh reload before configuring anything.

trendy · October 13, 2020, 9:17am

Does this answer your question?

troysio · October 13, 2020, 9:20am

Having the ability to rename Luci titles in switch config would be great for those getting creative with interfaces as well, another rabbit hole. I'm about to install mwan3, if things go into show stopper mode again, I think I'm going to end-game mode and making use of bonding on the WANS. Again, thank you @trendy

troysio · October 13, 2020, 9:22am

Crystallized, thank you.

troysio · October 13, 2020, 9:24am

Crystal, thank you! Forgive my frustration if its projecting, its only due to my ignorance.

trendy · October 13, 2020, 9:28am

This must be some hardcoded setting in Luci, to follow the labeling on the device. Maybe you can search in the Luci files or someone else might have an idea where is it stored.

troysio · October 13, 2020, 9:31am

@trendy you mention your experience with Mikrotik and not to mix. I've set VOX as tagged across the board, is this what you're referring to - reading your link I see mention of some hardware only accommodate 4bit on VLANS. Would it be safer for me to go with setting WANB at 3 and setting option 132 vid=another vlan idea for example in dnsmasq and/or options on interfaces?

troysio · October 13, 2020, 9:33am

Thought about hardcoded the html/css but surely it would be overwritten, I'll dig in on Luci threads thanks again and again.

trendy · October 13, 2020, 9:43am

I suppose that you have a managed switch connected to the Mikrotik. At least I had one and all the ports which had vlan tags, were only sending tagged frames. So if you want to use vlan 3 tagged on all ports, make all vlans tagged on all ports and let the switch drop or add the vlan id depending on the capabilities of the host.

troysio · October 13, 2020, 9:52am

I see, this is exactly how I've got our upstream LAN switch configured (all ports tagged) CRS328 MT running SWOS. All phones are configured broadcast option 132, router RBM33G receives and knows to assign VLAN3 to phones. Thank you for the reassurance and worry shun!

trendy · October 13, 2020, 9:54am

Then make sure you are running some kind of per vlan stp on the switch as you have more than 1 ports on the same vlan and you'll have a bridge loop.

troysio · October 13, 2020, 9:57am

Woah, moment please...

I believe RSTP tab and its auto settings cover potential loops? Please let me know if more screen in shots are needed. Honestly the only reason I assigned VLAN20 to WANB was to get it out of scope of future VLAN variables needed.

trendy · October 13, 2020, 10:15am

I am not familiar with Mikrotik's SwOS, so I cannot say for sure it is right or wrong. But it seems that you generally allow all tagged vlans and you have default vlan id for untagged frames. The switch looks like it is root bridge and some ports are disabled to prevent loops.

troysio · October 13, 2020, 10:24am

Thanks for your insight, I'd like to mark a post as solution on your behalf just not sure which one to choose

I'm going to try installing mwan3 now to see what happens, hopefully I just had something a muck elsewhere in previous config regarding "not issuing DHCP addresses" original issue.

Nevertheless, if things go wrong on mwan3 install I'll revert to making use of bonding on the WANS for redundancy and mark one of your post as solution.

trendy · October 13, 2020, 12:22pm

Maybe the one that was the most helpful.

troysio · October 13, 2020, 4:17pm

Final follow-up, regarding making use of mwan3 pay special attention to naming schemas of interfaces as they seem to be case sensitive in the eyes of mwan3, not so much in the eyes of openwrt itself. If you've already configured interfaces via Luci, then modify /etc/config/network directly to make case changes. Again, thank you @trendy

trendy · October 14, 2020, 9:09am

OpenWrt, as a linux derivative, is case sensitive in general.

system · October 24, 2020, 9:09am

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.